Categories
Resources Web Development

Symfony 5+ check if user is logged in inside a twig template

Often you may need to know whether a user is logged in or not inside a template to show or not show something. For example you might want to show links to login or register if a user is not logged in but show a link to logout if the user is logged in.

To do this you use is_granted() within a template with one of the following.

IS_AUTHENTICATED_ANONYMOUSLY, IS_AUTHENTICATED_REMEMBERED, IS_AUTHENTICATED_FULLY

<div class="modal-body">
<ul class="nav flex-column">
{% if is_granted('ROLE_SUPER_ADMIN_1') %}
<a class="nav-link" href="{{ path('show_dash') }}">Dashboard</a>
{% endif %}
{% if is_granted('ROLE_USER') %}
<a class="nav-link" href="{{ path('app_logout') }}">Logout</a> {% else %}
<a class="nav-link" href="{{ path('app_login') }}">Login</a> or <a class="nav-link" href="{{ path('app_register') }}">Signup</a> {% endif %}
</ul>
</div>

Using ROLE_SUPER_ADMIN_1 which is something I made up for my own app to check what type of admin the user is. I don’t really like the IS_AUTHENTICATED_* methods, read more about them in the link below if you want.

Link to more information about IS_AUTHENTICATED_* here in  a really old symfony cast I found via google.

Categories
Resources Web Development

PHP resource links

What’s New in PHP 8 (Features, Improvements, and the JIT Compiler)

Categories
Resources Web Development

How to create a cookie in Symfony 5.0+ and render a template in a controller

First what I wanted to do was create a cookie in a Controller and display a template at the same time. Sort of like when a user visits a page you set a page count or something. The documentation doesn’t really show an example, you are expected to know it via “common sense” apparently according to one smartass.

There is more than one way I have discovered over time. Apparently you can use render the same way I show using renderView.

Below is the Symfony Cookie class create method comment/documentation. This is all of the values you can supply when creating a cookie.

 /**
     * @param string                        $name     The name of the cookie
     * @param string|null                   $value    The value of the cookie
     * @param int|string|\DateTimeInterface $expire   The time the cookie expires
     * @param string                        $path     The path on the server in which the cookie will be available on
     * @param string|null                   $domain   The domain that the cookie is available to
     * @param bool|null                     $secure   Whether the client should send back the cookie only over HTTPS or null to auto-enable this when the request is already using HTTPS
     * @param bool                          $httpOnly Whether the cookie will be made accessible only through the HTTP protocol
     * @param bool                          $raw      Whether the cookie value should be sent with no url encoding
     * @param string|null                   $sameSite Whether the cookie will be available for cross-site requests
     *
     * @throws \InvalidArgumentException
     */

If you create a cookie like this :

$response->headers->setCookie(Cookie::create('foo', 'bar'));

Then the cookie will only live/exist until the user closes their browser(unless your browser restores from your last session). You must supply an expires time to make it persist beyond closing the browser. Providing an expires time gives you better control over when the cookie expires due to the above mentioned browser restore issue which will restore cookies that should have died on browser close.

You can also create the cookie then pass it to setCookie() like this.

 $response = new Response();
        $expires = time() + 36000;
        $cookie = Cookie::create($cookieName, $cookieValue,  $expires);
        //$cookie = $response->headers->setCookie(Cookie::create('foo', 'bar'));
        $response->headers->setCookie($cookie);

        $content = "<html><body><h1>Learning symfony cookie creation techniques?</h1></body></html>";
        $response->setContent($content);
        $response->headers->set('Content-Type', 'text/html');
        return $response;

Here I set the expires to a number,  time() returns a linux/unix timestamp and I added 36000 seconds or 10 hours to it. This cookie will exist until the user refreshes their page or clicks a link in 10 hours from creation. However long you want it to live you add that many seconds. Or you could create a date using PHP DateTime as you can pass a DateTime object to the expires position. You then use the methods of DateTime to increase the time to a period in the future and pass the DateTime object after calling the methods to do so.

Side Note : in the above code, you can create a cookie without the $response->setContent() call. I do that with the body tag so that the profiler will show up at the bottom of the page for debugging.

That code goes inside a controller method for the requested route by the way. Usually you use the render() method inside a controller to send a response, which renders the template and sends it in a response. You can also use renderView to do the same thing and capture the value in a variable then use setContent or just make the renderView call right in setContent. I know that works. You can also store the returned value from render the same way.  But no matter how you do it, you must return the response object, the very last line. You can find all the methods of the Response class here in the source code.

If you wanted to render a view which requires variables to be sent you do it like this and capture the output of renderView().


 $content = $this->renderView('blog/display_article.html.twig', [
            'title' => $title,
            'article' => $article,
            'tags' => implode(', ', $tags),
            'tagLinks' => $links,
            'edit' => $editLink,
            'affiliateUrl' => $affiliateUrl,
            'backButton' => $backButton
        ]);

Note : do not just use php setcookie or setrawcookie. The reason is they start sending output headers to the browser, which may interfere with how symfony works. You probably won’t notice in a browser, but you may get errors when testing your controllers with functional tests etc.

Personally I created a huge class which extends DateTime which has all kinds of methods for adding days, hours, removing them and doing other math. I’d share it on github but it has bugs since I wrote it way back in version 5 of php in 2012. Some changes were made to DateTime and I haven’t had time to review them all and hunt down the changes that need to be made yet. I’ll probably do it and add it to github eventually.  But for now I use time() + seconds. It’s not the best solution but it works and I only need this one cookie.

And another person found me more hidden docs about cookies, I wish I had this days ago.

As another note. Any values you put in a cookie you must sanitize before trying to use them in any way since users can access and change regular cookie values.

Categories
Software Development Web Development

Where does symfony php framework hide the errors?

I kept saying this over and over and looking everywhere for answers. I finally found this page through googling tons of terms and combos until I found it. I kept thinking my errors would be in the logs I set in my Nginx configs, or even in my PHP configs. But they were continually empty, I was going insane. I seriously blew up on twitter.

BLOWING UP

I thought Symfony was simply suppressing or not passing the errors to Nginx. So the logs are located at the place in the link above from documentation and not in the location you set in the Nginx configs or PHP configs.

By default, log entries are written to the var/log/dev.log file when you’re in the dev environment. In the prod environment, logs are written to var/log/prod.log

What made this confusing was, the docs don’t have a logical link flow when you are reading them trying to learn Symfony. You later find the SymfonyCasts which are better. But what makes it  most confusing is in the docs about configuring Nginx, it even shows the following.

    error_log /var/log/nginx/project_error.log;
    access_log /var/log/nginx/project_access.log;

To me this was showing how to set the error log. This does nothing by the way, not unless nginx itself has an error I guess.

For months I’ve wondered WTF, where are my error logs. I kept putting my app in dev mode so I could debug it via the browser.

Don’t do that!!!!!

To be honest getting Symfony working with Nginx is a pain in the ballsocks. The reason is, Nginx doesn’t pass environmental variables through to php scripts like Apache does/can. If you want that kind of fancy feature you must hack nginx up and use some perl script or something similar. Otherwise with Nginx you must set the environment variables twice, once in nginx and once in shell.

Why would you do that?

Why two locations? Yeah this really angered me and blew my mind at first too. As mentioned above Nginx doesn’t have any easy way to pass the environment variables you set at the Linux server level. This is important with Symfony because you often need to run things like Doctrine on the command line.

So I was setting my Nginx Environmental variables, the app would see them just fine. I’d go to run doctrine or tests and BOOM missing environmental variables like WTF? Or I would set them in the Linux environment, view them with printenv load the app in the browser and Nginx didn’t pass the values to my script. It took a lot of googling to figure that out with lots of trial and failure. To make matters worse, you have to change the environmental variable names in order to run tests so that symfony loads them, otherwise it hides the values.

WTF is happening?

I then found out through experimenting that you had to set the variables for the command line in the Linux environment too. How to permanently set Linux environmental variablees covers how to do that. It’s easier to just Bash script or ansible the entire process with Hashicorp packer than to try to manually maintain it all, setting vars in two different places etc.

So for months I’ve been going insane trying to find my error logs. Today I found the error logs.

Problem solved

 

Categories
Software Development Web Development

How to configure php 7.4+ on Linux Ubuntu 20.04+

Configuring php can be confusing. PHP uses multiple configuration files, but the main ones are both named php.ini. You see with php you can have separate configurations for the app and the command line aka cli.

Why would you do that?

This may sound stupid at first but it is due to the fact that your command line is a different environment from your app environment.  In Linux for example each user of the cli has their own environmental variables. These variables get passed to the php cli. This can drive you insane on linux. You think you set the configurations correctly, app works, try command line and BOOM all messed up.

But I set the damn configs WTF?

The two main files are located at

  1. /etc/php/7.4/cli/php.ini
  2. /etc/php/7.4/fpm/php.ini

Yes they have the same exact name. Yes they contain the same thing. However, one is used for the command line (cli) and the other is for apps (fpm). So you must set the settings in both. If you wanted to use 1 file for both you might be able to remove/rename 1 file such as the cli, set the fpm file. Then use a symlink from the fpm file to the cli directory. It would require some testing but it will probably work.

P.S. The php configuration file is the largest you will ever in your life see. I’m guessing a few thousand lines, it feels like that, but there is a ton of commenting and documentation to help you complete with links.

Categories
Software Development Web Development

PHP tools for CI CD testing etc.

7 Continuous Integration Tools for PHP Laravel Developers

Categories
Random Resources Web Development

PHP random links and resources

PHP the Right way – a website/book full of the most useful information you will find about PHP

Categories
Resources Web Development

PHP Namespace information, links and resources

It is important to understand what namespaces are in PHP and how to use them. Otherwise you will be lost and have many pains.

Videos

Below is a series of great videos explaining PHP namespaces little by little in easy to find and digest chunks.\
PHP namespaces 1/10: What is a namespace in PHP?









Everything about PHP namespaces – OOP in PHP | Part 10

Categories
Resources Web Security

Symfony doctrine database secret configuration links and resources.

Storing secrets for Symfony applications – some ideas how to approach the topic

Categories
Resources Web Development

Symfony encore webpack compiling scss

I couldn’t remember where the hell in the documentation I saw this. This is how you tell yarn to run encore and compile everything.

Down below the section Configuring Encore/webpack